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DETAILED ACTION 

Claims 1-1 1 and 16-21 have been fully considered but are not deemed allowable for the reasons 
given below. Regarding the Interview on 10/19/05, the examiner greatly appreciates the applicant's time 
and efforts in seeking to expedite prosecution in the case. 

5 

Claim Rejections - 35 USC §112 

The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
10 art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 

set forth the best mode contemplated by the inventor of carrying out his invention. 



Claims 1-11 and 16-21 are rejected under 35 U.S.C. 112, first paragraph, as failing to comply with 
15 the written description requirement. The claim(s) contains subject matter which was not described in the 
specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor(s), 
at the time the application was filed, had possession of the claimed invention. The applicant has added 
new limitations to the claim. In the remarks, filed 10/12/05, the applicant states that the amendments may 
be found, for example, on page 25 of the specification. Page 25, in its entirety is presented below: 

20 

"...does not need to initiate any communication with the CA clones in the CA cluster network 400 
of Figure 4. During the shutdown period, the CA clones will continue to send revocation certificate 
records to the CRL merger service 470 of Figure 4. Since all the CA clones know exactly which records 
were received and which records were not received by the CRL merger service 470, attempts will be 
25 made continuously made until, either, the CA clone has been shut down, or the CRL merger service 470 
is up and running again. This will continue until the revocation certificate record is successfully received 
by the CRL merger service 470 and the record is published in the CRL 460 database. 

In addition, each of the CA clones should remember which last publication of a revocation notice, 
30 revocation certificate record, was successful. As such, all unpublished revocation certificate records will 
be kept in memory (e.g., cache memory) for retransmission. 

To avoid searching through the entire CRL 460 database for unpublished revocation certificate 
records, under graceful shutdown of the CRL merger service 470, the CA clone can be allowed to store 
35 its unpublished revocation certificate records, which are stored in cache memory, to a more permanent 
storage location". 
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After having fully considered page 25 and applicant's entire Specification, the examiner finds no 
support for limitations e) and f) of claim 1 and substantially similar matter in claim 16 in which applicant 
claims "sending notification to the one of said plurality of CA clone servers that the single CRL has been 
successfully updated" and "removing the notice comprising the revocation information from the memory of 
5 the one of the plurality of CA clone servers upon receipt of the notification". The examiner requires that 
the applicant make appropriate correction to the claims or indicate where these limitations are disclosed. 

Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 

10 rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
15 Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-4,8,16-18, and 21 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Zubeldia, U.S. Patent No. 6,044,462, in view of Asay, U.S. Patent Application Publication No. 
20 2001/0011255, in further view of McGauley, U.S. Patent No. 5,899,998. 

As per claims 1 and 16, the applicant describes a method of creating a certificate revocation list 
(CRL) comprising the following limitations which are met by Zubeldia in view of Asay in further view of 
McGauley: 

25 a) creating a single CRL that is centralized, said single CRL associated with a single certificate 

authority (CA) comprising a master server coupled to a plurality of CA clone servers (Zubeldia: Col 7, 
lines 38-40; Fig 6); 

b) maintaining said single CRL with said master server (Zubeldia: Col 7, lines 14-15; Fig 6); 
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c) receiving notice, from one of said plurality of CA clone servers, at said master server 
containing revocation information regarding a certificate, wherein the one of said plurality of CA clone 
servers stores the notice in memory (Zubelida: Col 7, lines 7-11); 

d) updating said single CRL according to said revocation information (Col 7, line 66 to Col 8, line 

5 7); 

e) sending notification to the one of said plurality of CA clone servers that the single CRL has 
been successfully updated (Asay: [0130]); 

f) removing the notice comprising the revocation information from the memory of the one of the 
plurality of CA clone servers upon receipt of the notification (McGauley: Col 1 3, lines 43-48); 

10 Zubeldia discloses all of the limitations of parts a through d. Zubeldia does not disclose the 

limitations of parts e) and f)- After one of the CA clone servers sends a notice containing revocation 
information regarding a certificate to the master server, Zubelida is silent as to sending a notification to a 
CA clone server (part e) and removing the notice comprising the revocation information from memory 
(part f). 

15 Asay discloses the idea of sending notification that a CRL has been successfully updated in 

response to receipt of revocation information. Combining Asay into the system of Zubeldia allows a 
notification signal to be sent from the master server to the CA clone server in response to the receipt of 
revocation information as prescribed by Zubelida (Col 7, lines 7-11). It would have been obvious to one 
of ordinary skill in the art at the time the invention was filed to combine the ideas of Asay with Zubeldia 

20 because sending a notification signal allows the CA clone server to know that the revocation information 
has been successfully received. 

Zubeldia in view of Asay disclose all the limitations of parts a through e. However, Zubeldia in 
view of Asay do not disclose removing the notice from memory upon receipt of the notification. McGauley 
discloses a method of updating information in which update information is removed from memory upon 

25 receipt of notification regarding receipt of the update information. Combining McGauley into the system 
of Zubeldia in view of Asay allows for the deletion of the notice upon receipt of the notification. It would 
have been obvious to one of ordinary skill in the art at the time the invention was filed to combine the 
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ideas of McGauley with Zubeldia in view of Asay because the notice information is only necessary as part 
of the single CRL at the database (DBMS) and, accordingly, deleting the notice information on the CA 
clone server frees up memory space of unnecessary information. 

As per claims 2 and 17, the applicant describes the method of claims 1 and 16, which are met by 
Zubeldia in view of Asay in further view of McGauley, with the following limitation which is met by 
Zubeldia: 

Wherein step d) comprises adding said certificate to said single CRL when said revocation 
information indicates said certificate is revoked, said revocation information associated with a revocation 
event occurring at one of said plurality of CA clone servers (Zubeldia: Col 7, line 66 to Col 8, line 7). 

As per claims 3 and 18, the applicant describes the method of claims 1 and 16, which are met by 
Zubeldia in view of Asay in further view of McGauley, with the following limitation which is met by 
Zubeldia: 

Wherein step d) comprises removing said certificate from said single CRL when said revocation 
information indicates said certificate is valid, said revocation information associated with a revocation 
event occurring at one of said plurality of CA clone servers (Zubeldia: Col 7, line 66 to Col 8, line 7); 

As per claims 4 and 21 , the applicant limits the method of claims 1 and 16, which are met by 
Zubeldia in view of Asay in further view of McGauley, with the following limitation which is met by 
Zubeldia: 

Maintaining said single CRL with a CRL merger service module located at said master server 
(Zubeldia: Col 7, lines 14-15); 

As per claim 7, the applicant limits the method of claim 1, which is met by Zubeldia in view of 
Asay in further view of McGauley, with the following limitation which is met by Zubeldia: 
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Transmitting said single CRL that is updated to a recipient over a communication network 
(Zubeldia: Col 7, lines 29-37; Col 6, lines 57-59); 

Referring to figure 6, a user requests information through a server which communicates with the 
database and sends the requested information back to the user. The requested information can be a 
5 validity check or a CRL (Col 6, lines 57-64). 

As per claim 8, the applicant limits the method of claim 1, which is met by Zubeldia in view of 
Asay in further view of McGauley, with the following limitation which is met by Zubeldia: 

Providing certificate authority services not including maintaining and managing said single CRL at 
1 0 each of said plurality of CA clone servers (Zubeldia: Col 7, lines 7-11). 



Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 

rejections set forth in this Office action: 

15 (a) A patent may not be obtained though the invention is not identically disclosed or described as set 

forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

20 

Claims 5,10,11, and 19 are rejected under 35 U.S.C. 103(a) as being unpatentable over Zubeldia 
in view of Asay in further view of McGauley in further view of Parkvall, U.S. Patent Application Publication 
No. 2002/0080719. 

25 

As per claims 5 and 19, the applicant limits the method of creating a CRL as described in claims 
1 and 16, which are met by Zubeldia in view of Asay in further view of McGauley, with the following 
limitation which is met by Parkvall: 

Sending said notice over a secure communications channel (Parkvall: [0004]); 
30 Zubeldia in view of Asay in further view of McGauley does not disclose sending information over 

a secure communications channel. Parkvall discloses the notion of Stop and Wait ARQ communication 
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between two parties in which one packet is sent to a recipient and the sender waits for an 
acknowledgement before sending a second packet. Thus, Parkvall introduces the idea of creating a 
secure communications channel through acknowledgement signals between a sender and a receiver. 

It would have been obvious to one of ordinary skill in the art at the time the invention was filed to 
5 incorporate the ideas of Parkvall with those of Zubeldia in view of Asay in further view of McGauley 

because doing so provides the clone servers assurance that information they send is properly received by 
the master server and not subject to transmission failures. 



As per claim 1 0, the applicant discloses the method of claim 1 , which is met by Zubeldia in view 
10 of Asay in further view of McGauley, with the following limitation which is met by Parkvall: 

a) at said one of said plurality of clone servers, detecting whether said notice was received at said 
master server (Parkvall: [0004]); 

b) repeatedly sending said notice until received by said master server (Parkvall: [0004]); 
Through Stop and Wait Automatic Response Request (ARQ), an acknowledgement is sent to the 

15 sender or clone server if the message is received (part a). Automatic Response Request also includes 
sending a notice to repeat the sending of the message in the case of an error (part b). 

As per claim 1 1 , the applicant discloses the method of claim 1 0, which is met by Zubeldia in view 
of Asay in further view of McGauley, with the following limitation which is met by Parkvall: 
20 Storing said notice if said notice was not received at said master server (Parkvall: [0004]); 

Through Stop and Wait Automatic Response Request (ARQ), the message or packet is stored 
until confirmation that it has been correctly received at which time the message or packet is deleted. 



25 



Claims 5,6,9,19, and 20 are rejected under 35 U.S.C. 103(a) as being unpatentable over Zubeldia 
in view of Asay in further view of McGauley in further view of Oracle (Oracle Internet Directory 
Administrator's Guide. Release 2.0.6. 1999), 
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As per claims 5,6, and 19 t the applicant describes the method of creating a CRL as described in 
claims 1 and 16, which are met by Zubeldia in view of Asay in further view of McGauley, with the following 
limitation which is met by Oracle: 

Sending said notice over a secure communication channel (Oracle: Page 3); 
5 Zubeldia in view of Asay in further view of McGauley does not disclose sending information over 

a secure communication channel. Oracle discloses the Oracle Internet Directory, a service which 
provides directory access control. Among the features of Oracle Internet Directory are providing a secure 
communication channel through a secure socket layer (SSL) authenticated access system. 

It would have been obvious to one of ordinary skill in the art at the time the invention was filed to 
10 combine the ideas of Oracle with those of Zubeldia in view of Asay in further view of McGauley because 
doing so makes the system more robust and less subject to data manipulation or attacks. 

As per claims 9 and 20, the applicant describes the method of creating a CRL as described in 
claims 1 and 16, which is met by Zubeldia in view of Asay in further view of McGauley, with the following 
1 5 limitation which is met by Oracle: 

Storing said CRL in a database accessed via a lightweight directory access protocol (LDAP) that 
supports a Secure Sockets Layer (SSL) (Oracle: Pages 1-3). 

Response to Arguments 

20 Applicant's arguments, see Remarks filed 10/12/05, with respect to claim 1 have been considered 

but are moot in view of the new ground(s) of rejection. 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office 
25 action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of 
the extension of time policy as set forth in 37 CFR 1.136(a). 
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A shortened statutory period for reply to this final action is set to expire THREE MONTHS from 
the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date 
of this final action and the advisory action is not mailed until after the end of the THREE-MONTH 
shortened statutory period, then the shortened statutory period will expire on the date the advisory action 
5 is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later than SIX 
MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should 
be directed to Kevin Schubert whose telephone number is (571) 272-4239. The examiner can normally 
10 be reached on M-F 7:30-6:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Emmanuel Moise can be reached on (571) 272-3865. The fax phone number for the organization where 
this application or proceeding is assigned is 571-273-8300. 



15 Information Retrieval (PAIR) system. Status information for published applications may be obtained from 
either Private PAIR or Public PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) 
at 866-217-9197 (toll-free). 



Information regarding the status of an application may be obtained from the Patent Application 



20 



EMMANUEL L MOISE 
SUPERVISORY PATENT EXAMINER 
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